updated hostnames to always be uppercase
its-a-feature committed Mar 25, 2021
1 parent 8cd8698 commit c82266c
Showing 10 changed files with 52 additions and 41 deletions.
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -9,7 +9,7 @@ A cross-platform, post-exploit, red teaming framework built with python3, docker
* Objective By the Sea 2019 talk on JXA: https://objectivebythesea.com/v2/talks/OBTS_v2_Thomas.pdf
* Objective By the sea 2019 Video: https://www.youtube.com/watch?v=E-QEsGsq3uI&list=PLliknDIoYszvTDaWyTh6SYiTccmwOsws8&index=17

* Current Version: 2.1.17
* Current Version: 2.1.18

## Documentation

6 changes: 3 additions & 3 deletions mythic-docker/app/api/callback_api.py
Expand Up @@ -486,7 +486,7 @@ async def create_callback_func(data, request):
cal = await db_objects.create(
Callback,
user=data["user"],
host=data["host"],
host=data["host"].upper(),
pid=data["pid"],
ip=data["ip"],
description=payload.tag,
Expand All @@ -511,7 +511,7 @@ async def create_callback_func(data, request):
)
await db_objects.create(
db_model.PayloadOnHost,
host=data["host"],
host=data["host"].upper(),
payload=payload,
operation=payload.operation,
)
Expand Down Expand Up @@ -735,7 +735,7 @@ async def update_callback(data, UUID):
if "ip" in data:
cal.ip = data["ip"]
if "host" in data:
cal.host = data["host"]
cal.host = data["host"].upper()
if "external_ip" in data:
cal.external_ip = data["external_ip"]
if "integrity_level" in data:
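Review bot: `data["host"].upper()` in both `create_callback_func` hunks and in `update_callback` raises `AttributeError` when the agent-supplied `host` is `None` or not a string, whereas the previous code passed the value through unchanged; the `"host" in data` test in `update_callback` checks presence only. The same bare call is added to previously unconverted values in payloadonhost_api.py, processlist_api.py and rabbitmq_api.py. Because the normalisation is now repeated at every call site across seven files, one shared helper that rejects non-`str` input with a clear error and returns the uppercased value, called as `host=normalize_host(data["host"])`, would keep a single missed site from silently storing a mixed-case host. Both functions start and end outside the visible hunks, so validation may already exist earlier in them.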
6 changes: 3 additions & 3 deletions mythic-docker/app/api/file_api.py
Expand Up @@ -359,7 +359,7 @@ async def create_filemeta_in_database_func(data):
fb_object = await db_objects.get(
query,
full_path=data["full_path"].encode("unicode-escape"),
host=data["host"].encode("unicode-escape"),
host=data["host"].upper().encode("unicode-escape"),
)
file_browser = fb_object
except Exception as e:
Expand All @@ -382,7 +382,7 @@ async def create_filemeta_in_database_func(data):
file_browser=file_browser,
filename=filename.name,
is_download_from_agent=True,
host=data["host"].encode("unicode-escape"),
host=data["host"].upper().encode("unicode-escape"),
)
if filemeta.is_screenshot:
await log_to_siem(task.to_json(), mythic_object="file_screenshot")
Expand Down Expand Up @@ -489,7 +489,7 @@ async def download_file_to_disk_func(data):
file_meta = await db_objects.get(query, agent_file_id=data["file_id"])
file_meta.chunks_received = file_meta.chunks_received + 1
if "host" in data and data["host"] is not None and data["host"] != "":
file_meta.host = data["host"].encode("unicode-escape")
file_meta.host = data["host"].upper().encode("unicode-escape")
if "full_path" in data and data["full_path"] is not None and data["full_path"] != "":
file_meta.full_remote_path = data["full_path"].encode("unicode-escape")
if file_meta.file_browser is None:
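Review bot: The lookups in `create_filemeta_in_database_func` now match on the uppercased host only, but none of the ten files in this commit migrates rows stored earlier with the agent-reported case, so those rows stop matching after the upgrade. Where a failed `db_objects.get` falls through to a create, as the `try`/`except` in payloadonhost_api.py's `add_payload_to_host` visibly does, that presumably leaves a second, uppercased row next to the old one. A one-off update that uppercases the existing `host` columns, shipped with this change, would close the gap; the same applies to the lookups in file_browser_api.py and response_api.py. The enclosing functions extend beyond the hunks shown.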
22 changes: 11 additions & 11 deletions mythic-docker/app/api/file_browser_api.py
Expand Up @@ -62,9 +62,9 @@ async def get_filebrowser_tree_for_operation(operation_name):
final_output = {}
for e in objs:
e_json = e.to_json()
if e_json["host"] not in final_output:
final_output[e_json["host"]] = []
final_output[e_json["host"]].append(e_json)
if e_json["host"].upper() not in final_output:
final_output[e_json["host"].upper()] = []
final_output[e_json["host"].upper()].append(e_json)
return {"status": "success", "output": final_output}
except Exception as e:
print(e)
Expand Down Expand Up @@ -102,7 +102,7 @@ async def store_response_into_filebrowserobj(operation, task, response):
filebrowserobj = await db_objects.get(
query,
operation=operation,
host=response["host"].encode("unicode-escape"),
host=response["host"].upper().encode("unicode-escape"),
name=response["name"].encode("unicode-escape"),
is_file=response["is_file"],
parent=parent,
Expand All @@ -127,7 +127,7 @@ async def store_response_into_filebrowserobj(operation, task, response):
db_model.FileBrowserObj,
task=task,
operation=operation,
host=response["host"].encode("unicode-escape"),
host=response["host"].upper().encode("unicode-escape"),
name=response["name"].encode("unicode-escape"),
permissions=js.dumps(response["permissions"]).encode("unicode-escape"),
parent=parent,
Expand All @@ -152,7 +152,7 @@ async def store_response_into_filebrowserobj(operation, task, response):
newfileobj = await db_objects.get(
query,
operation=operation,
host=response["host"].encode("unicode-escape"),
host=response["host"].upper().encode("unicode-escape"),
name=f["name"].encode("unicode-escape"),
is_file=f["is_file"],
parent=filebrowserobj,
Expand All @@ -172,7 +172,7 @@ async def store_response_into_filebrowserobj(operation, task, response):
db_model.FileBrowserObj,
task=task,
operation=operation,
host=response["host"].encode("unicode-escape"),
host=response["host"].upper().encode("unicode-escape"),
parent=filebrowserobj,
permissions=js.dumps(f["permissions"]).encode("unicode-escape"),
parent_path=str(parent_path).encode("unicode-escape"),
Expand Down Expand Up @@ -213,7 +213,7 @@ async def add_upload_file_to_file_browser(operation, task, file, data):
await store_response_into_filebrowserobj(operation, task, data)
fbo_query = await db_model.filebrowserobj_query()
fbo = await db_objects.get(fbo_query, operation=operation,
host=data["host"].encode("unicode-escape"),
host=data["host"].upper().encode("unicode-escape"),
full_path=data["full_path"].encode("unicode-escape"))
file.file_browser = fbo
except Exception as e:
Expand Down Expand Up @@ -267,7 +267,7 @@ async def create_and_check_parents(operation, task, response):
try:
parent = await db_objects.get(
query,
host=response["host"].encode("unicode-escape"),
host=response["host"].upper().encode("unicode-escape"),
parent=parent_obj,
name=name.encode("unicode-escape"),
operation=operation,
Expand All @@ -280,7 +280,7 @@ async def create_and_check_parents(operation, task, response):
db_model.FileBrowserObj,
task=task,
operation=operation,
host=response["host"].encode("unicode-escape"),
host=response["host"].upper().encode("unicode-escape"),
name=name.encode("unicode-escape"),
parent=parent_obj,
parent_path=parent_path_name.encode("unicode-escape"),
Expand Down Expand Up @@ -503,7 +503,7 @@ async def get_filebrowsobj_permissions_by_path(request, user):
return json({"status": "error", "error": "Missing host parameter"})
if "full_path" not in data:
return json({"status": "error", "error": "Missing full_path parameter"})
file = await db_objects.get(query, operation=operation, host=data["host"].encode("unicode-escape"),
file = await db_objects.get(query, operation=operation, host=data["host"].upper().encode("unicode-escape"),
full_path=data["full_path"].encode("unicode-escape"))
return json({"status": "success", "permissions": file.permissions})
except Exception as e:
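Review bot: In `get_filebrowser_tree_for_operation` the key `e_json["host"].upper()` is computed three times per row; computing it once reads better and keeps the three expressions from drifting apart: `host_key = e_json["host"].upper()` followed by `final_output.setdefault(host_key, []).append(e_json)`. Each `e_json` still carries its stored `host` value, so for rows written before this change the grouping key and the `host` field inside the entry can differ in case, which deserves a short comment if it is intended. The function starts above the hunk.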
6 changes: 3 additions & 3 deletions mythic-docker/app/api/payloadonhost_api.py
Expand Up @@ -70,15 +70,15 @@ async def add_payload_to_host(request, user):
try:
payloadonhost = await db_objects.get(
db_model.PayloadOnHost,
host=data["host"],
host=data["host"].upper(),
payload=payload,
operation=operation,
deleted=False,
)
except Exception as e:
payloadonhost = await db_objects.create(
db_model.PayloadOnHost,
host=data["host"],
host=data["host"].upper(),
payload=payload,
operation=operation,
)
Expand Down Expand Up @@ -149,7 +149,7 @@ async def delete_payloadonhost_by_host(request, user, host: str):
)
query = await db_model.operation_query()
operation = await db_objects.get(query, name=user["current_operation"])
hostname = base64.b64decode(host).decode()
hostname = base64.b64decode(host).decode().upper()
poh_query = await db_model.payloadonhost_query()
poh = await db_objects.execute(
poh_query.where(
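Review bot: The `except Exception as e:` around the `db_objects.get` in `add_payload_to_host` now also catches a failure of `data["host"].upper()` itself, and the fallback `create` then evaluates the same expression again, with nothing visible in the hunk to catch it. Catching only the ORM's not-found exception there, and validating `host` before the `try`, would keep a malformed request from being treated as "row does not exist". In `delete_payloadonhost_by_host`, `base64.b64decode(host).decode().upper()` operates on a URL-supplied value, and the lines shown do not reveal whether a decode error is handled, so confirm it sits inside a `try` that returns the API's error JSON. Both functions continue outside the hunks.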
6 changes: 3 additions & 3 deletions mythic-docker/app/api/processlist_api.py
Expand Up @@ -51,7 +51,7 @@ async def get_a_process_list(request, user, pid, host):
operation = await db_objects.get(query, name=user["current_operation"])
except Exception as e:
return json({"status": "error", "error": "failed to get current operation"})
host = base64.b64decode(host).decode("utf-8")
host = base64.b64decode(host).decode("utf-8").upper()
query = await db_model.processlist_query()
if pid > 0:
try:
Expand Down Expand Up @@ -132,7 +132,7 @@ async def get_adjacent_process_list(request, user):
query.where(
(db_model.ProcessList.operation == operation)
& (db_model.ProcessList.id < data["pid"])
& (db_model.ProcessList.host == data["host"])
& (db_model.ProcessList.host == data["host"].upper())
)
.order_by(-db_model.ProcessList.id)
.limit(1)
Expand All @@ -158,7 +158,7 @@ async def get_adjacent_process_list(request, user):
query.where(
(db_model.ProcessList.operation == operation)
& (db_model.ProcessList.id > data["pid"])
& (db_model.ProcessList.host == data["host"])
& (db_model.ProcessList.host == data["host"].upper())
)
.order_by(db_model.ProcessList.timestamp)
.limit(1)
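Review bot: Both `get_adjacent_process_list` queries now compare `db_model.ProcessList.host` with `data["host"].upper()`, and `get_a_process_list` uppercases the decoded host, yet no hunk in this commit changes the code that writes `ProcessList.host`. If that writer still stores the agent-reported case, these filters stop matching any row for hosts that are not already uppercase. Either uppercase the value where process lists are stored, or make the comparison case-insensitive on the column side as well. The write path is not visible on this page, so this needs checking against it.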
6 changes: 3 additions & 3 deletions mythic-docker/app/api/rabbitmq_api.py
Expand Up @@ -585,7 +585,7 @@ async def handle_automated_payload_creation_response(task, rsp, data, host):
await db_objects.update(task)
await db_objects.create(
db_model.PayloadOnHost,
host=host,
host=host.upper(),
payload=payload,
operation=payload.operation,
task=task,
Expand Down Expand Up @@ -779,7 +779,7 @@ async def register_artifact(request):
task=task,
artifact_instance=request["artifact_instance"].encode(),
artifact=artifact,
host=request["host"],
host=request["host"].upper(),
operation=task.callback.operation,
)
await log_to_siem(art.to_json(), mythic_object="artifact_new")
Expand All @@ -803,7 +803,7 @@ async def register_payload_on_host(request):
payloadquery = await db_model.payload_query()
payload = await db_objects.get(payloadquery, uuid=request["uuid"], operation=task.operation)
payload_on_host = await db_objects.create(db_model.PayloadOnHost, payload=payload,
host=request["host"].encode(), operation=task.operation, task=task)
host=request["host"].upper().encode(), operation=task.operation, task=task)
return {"status": "success"}
except Exception as e:
return {"status": "error", "error": "Failed to find payload"}
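Review bot: `register_payload_on_host` stores `request["host"].upper().encode()`, a `bytes` value, in `PayloadOnHost.host`, while `handle_automated_payload_creation_response` in the same file and the lookups in payloadonhost_api.py use a plain `str` for the same field. Unless the field type converts bytes back to text, rows created here will not equal the string used by the `host=data["host"].upper()` lookups; writing `host=request["host"].upper(),` would make the writers agree. Separately, the `except Exception` below reports every failure, including a missing or non-string `host`, as "Failed to find payload", which hides the real cause.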
6 changes: 3 additions & 3 deletions mythic-docker/app/api/response_api.py
Expand Up @@ -320,7 +320,7 @@ async def post_agent_response(agent_message, UUID):
fobj = await db_objects.get(
filebrowserquery,
operation=task.callback.operation,
host=f["host"].encode("unicode-escape"),
host=f["host"].upper().encode("unicode-escape"),
full_path=f["path"].encode("unicode-escape"),
deleted=False,
)
Expand Down Expand Up @@ -490,7 +490,7 @@ async def post_agent_response(agent_message, UUID):
f = await db_objects.create(
db_model.FileMeta,
task=task,
host=host.encode("unicode-escape"),
host=host.upper().encode("unicode-escape"),
total_chunks=file_meta.total_chunks,
chunks_received=file_meta.chunks_received,
chunk_size=file_meta.chunk_size,
Expand Down Expand Up @@ -519,7 +519,7 @@ async def post_agent_response(agent_message, UUID):
+ parsed_response["full_path"]
).encode("unicode-escape")
if host != file_meta.host:
file_meta.host = host.encode("unicode-escape")
file_meta.host = host.upper().encode("unicode-escape")
await db_objects.update(file_meta)
if file_meta.full_remote_path != "":
await add_upload_file_to_file_browser(task.callback.operation, task, file_meta,
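Review bot: In the last `post_agent_response` hunk the guard `if host != file_meta.host:` still compares the un-normalised `host` with the stored value, while the assignment under it writes `host.upper()`; for any host reported in lower or mixed case the condition stays true on every chunk. Comparing the normalised form, `if host.upper() != file_meta.host:`, matches what is stored, assuming `file_meta.host` reads back as text rather than as the escaped bytes written here, which is worth confirming. `post_agent_response` begins and ends outside the hunks shown.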
2 changes: 1 addition & 1 deletion mythic-docker/app/templates/base.html
Expand Up @@ -725,7 +725,7 @@ <h6 class="dropdown-header">Operational Feeds</h6>
</li>
</ul>
</span>
<font size="4" style="float:right;padding-right:10px">v2.1.17</font>
<font size="4" style="float:right;padding-right:10px">v2.1.18</font>
{% endif %}
</div>
</nav>
31 changes: 21 additions & 10 deletions mythic-docker/app/templates/callbacks.js
Expand Up @@ -4149,7 +4149,7 @@ function process_file_browser_data(data){
});
}
// what if we're adding a new top level root
if (data['parent'] === null) {
if (data['parent'] === null && data["file_browser"] === undefined) {
for (let i = 0; i < meta['file_browser'][data['host']]['children'].length; i++) {
if (data['name'] in meta['file_browser'][data['host']]['children'][i]) {
Object.assign(meta['file_browser'][data['host']]['children'][i][data['name']]['data'],
Expand Down Expand Up @@ -4178,14 +4178,26 @@ function process_file_browser_data(data){
function add_update_file_browser(search, element) {
//recursive base case
//ust check to see if it's the one we're looking for otherwise return up
if (element['data']['id'] === search['id']) {
Object.assign(element['data'],
element['data'],
search);
task_data.$forceUpdate();
return true;
if (search["file_browser"] !== undefined){
//we're looking at a file_meta object that's downloading
if(search["file_browser"] === element["data"]["id"]) {
Object.assign(element['data'],
element['data'],
search);
task_data.$forceUpdate();
return true;
}
}else{
//we're looking at file browsing data
if(search["id"] === element["data"]["id"]){
Object.assign(element['data'],
element['data'],
search);
task_data.$forceUpdate();
return true;
}
}
if(element["is_file"]){return false;}
if(element["data"]["is_file"]){return false;}
//we aren't in the base case, so let's iterate through the current item's children
if (element['children'] !== undefined) {
for (let i = 0; i < element['children'].length; i++) {
Expand All @@ -4196,9 +4208,8 @@ function add_update_file_browser(search, element) {
}
}
}

//if we get here, and parent is true, then we are the parent and failed to find the child, so we need to add it
if (element['data']['id'] === search['parent']) {
if (search["file_browser"] === undefined && element["data"]['id'] === search['parent']) {
let new_data = {};
new_data[search['name']] = {"data": search, "children": []};
if(element['children'] === undefined){
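Review bot: In `add_update_file_browser`, the new file_meta branch runs `Object.assign(element['data'], element['data'], search)` with `search` being the file_meta object, so every field of it, including its own `id` if it has one, overwrites the file-browser node's data. After that, later matches on `element["data"]["id"]` would compare against the file_meta id rather than the node id. Copying only the fields the tree needs, or excluding `id` (`const {id, ...rest} = search; Object.assign(element['data'], rest);`), avoids that. The two branches are otherwise identical and could share one body keyed on `const target = search["file_browser"] !== undefined ? search["file_browser"] : search["id"];`. The function's tail lies outside the hunk.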
